- SAP Community
- Products and Technology
- Additional Q&A
- SAP RAR Mitigation On Rule Level
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
SAP RAR Mitigation On Rule Level
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 04-11-2011 5:14 PM
Hi All
We are using SAP GRC - AC-RAR 5.3_11.0. We have a requirement to mitigate any risk violations on a role at the Action Rule Id Level . At the moment i have created mitigation Controls based on 7 character Rule Id in the RISK ID field . But if i change a risk and update the rules then the mitigation control is not working as the Rule ID is changed during rule update . Whats the best practice for rule keeping in this case . Thanks in advance
Regards
Prasad
Accepted Solutions (0)
Answers (1)
Answers (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Prasad,
Please go through the below note.. it will help you..
SAP Note 1542565 - Mitigations at Action versus Permission
level
Regards,
Arjuna.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Arjuna
Thanks for the NOTE . As per the note i am going with the mitigations at the Action Level (7 Digit) but my question still remains about the best practice to maintain the rules . If i update the rules , system changing the 7 digit ID which will void the mitigations .Do i need to maintain the rules manually without changing the risks or functions ?
Regards
Prasad
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
HI Prasad,
The ruleset generation will be triggered automatically when you import rules in the CC/RAR system, there is no manual intervention at that time. So in case you have uploaded any rule sets then there might be a background job automatically triggered to generate the rule set.
The best practise in such cases is to maintain a backup of the exisitng rules before importing the new ruleset so that in case the same does not work or gets corrupt you can re import the earlier version.
Regards
Vani
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi
If i change the risks it automatically triggers the Rule generation job which will change the Action level rule id . This is my issue and i want find a way to maintain rules without changing the risks or functions . I know we have a manual way of maintaining rules in version 4.0
Regards
Prasad
- ISAE 3000 for SAP S/4HANA Cloud Public Edition - Evaluation of the Authorization Role Concept in Enterprise Resource Planning Blogs by SAP
- Preferred Alternative UoM for Warehouse Operation in EWM in Supply Chain Management Blogs by Members
- Managing PFAS with SAP: Regulations and Business Challenges in Product Lifecycle Management Blogs by Members
- SAP SuccessFactors Employee Central: 1H 2024 Release Highlights in Human Capital Management Blogs by Members
- Simplifying Employee and Manager Experiences with Employee Central Quick Actions in Human Capital Management Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.